﻿using System;
using System.Data;
using System.Data.SqlClient;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;

namespace AIC_CD
{
    public partial class UCUserManager : System.Web.UI.UserControl
    {
        private static int NhomUserID;

        #region Ham chuc nang

        protected void BindDataToDataList()
        {
            DataTable dt = SqlHelper.ExecuteDataTable(CommandType.Text, "SELECT * FROM dbo.tblDanhMuc WHERE MaDM = 'NhomNguoiDung'");

            dtlNhomNguoiDung.DataSource = dt;
            dtlNhomNguoiDung.DataBind();
        }

        protected void BindDataToGridView(int ID)
        {
            string sql = "SELECT tblDanhMuc.ID,MaDM,TenDM,COALESCE(Xem ,0) AS Xem,COALESCE(Them ,0) AS Them,COALESCE(Sua ,0) AS Sua," +
                         "COALESCE(Xoa ,0) AS Xoa,GhiChu FROM dbo.tblDanhMuc " +
                         "LEFT JOIN dbo.tblPhanQuyen ON tblPhanQuyen.QuyenID_DM = tblDanhMuc.ID AND UserNhomID_DM = " + ID +
                         " WHERE tblDanhMuc.MaDM = 'QuyenDung' ";
            DataTable dt = SqlHelper.ExecuteDataTable(CommandType.Text, sql);
            grdDanhMuc.DataSource = dt;
            grdDanhMuc.DataBind();

        }

        #endregion Ham chuc nang

        #region Ham Su kien
        protected void Page_Load(object sender, EventArgs e)
        {
            BindDataToDataList();
        }

        protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
        {
            Response.Redirect("Index.aspx");
        }
        #endregion Ham su kien

        protected void dtlNhomNguoiDung_ItemCommand(object source, DataListCommandEventArgs e)
        {
            btnThem.Visible = true;
            NhomUserID = Convert.ToInt32(dtlNhomNguoiDung.DataKeys[e.Item.ItemIndex]);
            BindDataToGridView(NhomUserID);
        }

        protected void btnThem_Click(object sender, EventArgs e)
        {
            SqlTransaction tran = SqlHelper.BeginTransaction();
            try
            {
                for (int i = 0; i < grdDanhMuc.Rows.Count; i++)
                {
                    CheckBox chkXem = (CheckBox)grdDanhMuc.Rows[i].FindControl("chkXem");
                    CheckBox chkTaoMoi = (CheckBox)grdDanhMuc.Rows[i].FindControl("chkTaoMoi");
                    CheckBox chkCapNhat = (CheckBox)grdDanhMuc.Rows[i].FindControl("chkCapNhat");
                    CheckBox chkXoa = (CheckBox)grdDanhMuc.Rows[i].FindControl("chkXoa");
                    Label lblID = (Label)grdDanhMuc.Rows[i].FindControl("lblID");

                    int Xem = chkXem.Checked ? 1 : 0;
                    int TaoMoi = chkTaoMoi.Checked ? 1 : 0;
                    int CapNhat = chkCapNhat.Checked ? 1 : 0;
                    int Xoa = chkXoa.Checked ? 1 : 0;

                    int QuyenID = Convert.ToInt32(lblID.Text);
                    ThemMoiQuyenUser(NhomUserID, QuyenID, Xem, TaoMoi, CapNhat, Xoa);
                }
                tran.Commit();
                MyCommon.AddMessage(this.Page.Master, "Phân quyền người dùng thành công !", MyConst.MessageType.Success);
            }
            catch (Exception ex)
            {
                MyCommon.AddMessage(this.Page.Master, "Phân quyền người dùng xảy ra lỗi : <br />" + ex.StackTrace, MyConst.MessageType.Error);
                tran.Rollback();
            }
        }

        protected void ThemMoiQuyenUser(int UserNhomID_DM, int QuyenID_DM, int Xem, int Them, int Sua, int Xoa)
        {
            string sql = "SELECT * FROM dbo.tblPhanQuyen WHERE UserNhomID_DM = @UserNhomID_DM AND QuyenID_DM = @QuyenID_DM";
            List<SqlParameter> arrParams = new List<SqlParameter>();
            arrParams.Add(SqlHelper.CreateParameterObject("@UserNhomID_DM", SqlDbType.Int, ParameterDirection.Input, UserNhomID_DM));
            arrParams.Add(SqlHelper.CreateParameterObject("@QuyenID_DM", SqlDbType.Int, ParameterDirection.Input, QuyenID_DM));
            DataTable dt = SqlHelper.ExecuteDataTable(CommandType.Text, sql, arrParams);
            if (dt.Rows.Count == 0)
            {
                sql = "INSERT INTO dbo.tblPhanQuyen" +
                      "(UserNhomID_DM ,QuyenID_DM ,Xem ,Them ,Sua ,Xoa ,CreateDate ,UpdateDate ,UserID)" +
                      "VALUES(@UserNhomID_DM,@QuyenID_DM,@Xem ,@Them ,@Sua ,@Xoa ,GETDATE(),GETDATE(),@UserID)";
                arrParams.Add(SqlHelper.CreateParameterObject("@Xem", SqlDbType.Int, ParameterDirection.Input, Xem));
                arrParams.Add(SqlHelper.CreateParameterObject("@Them", SqlDbType.Int, ParameterDirection.Input, Them));
                arrParams.Add(SqlHelper.CreateParameterObject("@Sua", SqlDbType.Int, ParameterDirection.Input, Sua));
                arrParams.Add(SqlHelper.CreateParameterObject("@Xoa", SqlDbType.Int, ParameterDirection.Input, Xoa));
                arrParams.Add(SqlHelper.CreateParameterObject("@UserID", SqlDbType.Int, ParameterDirection.Input, Session["userid"]));
                SqlHelper.ExecuteNonQuery(CommandType.Text, sql, arrParams);
            }
            else
            {
                sql = "UPDATE dbo.tblPhanQuyen SET Xem = @Xem,Them = @Them,Sua = @Sua,Xoa = @Xoa,UpdateDate = GETDATE()," +
                      "UserID = @UserID WHERE UserNhomID_DM = @UserNhomID_DM AND QuyenID_DM = @QuyenID_DM";
                arrParams.Add(SqlHelper.CreateParameterObject("@Xem", SqlDbType.Int, ParameterDirection.Input, Xem));
                arrParams.Add(SqlHelper.CreateParameterObject("@Them", SqlDbType.Int, ParameterDirection.Input, Them));
                arrParams.Add(SqlHelper.CreateParameterObject("@Sua", SqlDbType.Int, ParameterDirection.Input, Sua));
                arrParams.Add(SqlHelper.CreateParameterObject("@Xoa", SqlDbType.Int, ParameterDirection.Input, Xoa));
                arrParams.Add(SqlHelper.CreateParameterObject("@UserID", SqlDbType.Int, ParameterDirection.Input, Session["userid"]));
                SqlHelper.ExecuteNonQuery(CommandType.Text, sql, arrParams);
            }
            arrParams = null;
        }
    }
}